SUSE-CU-2025:5135-1: Security update of suse/sle-micro-rancher/5.4
sle-container-updates at lists.suse.com
sle-container-updates at lists.suse.com
Thu Jul 10 07:11:49 UTC 2025
SUSE Container Update Advisory: suse/sle-micro-rancher/5.4
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2025:5135-1
Container Tags : suse/sle-micro-rancher/5.4:5.4.4.5.16 , suse/sle-micro-rancher/5.4:latest
Container Release : 4.5.16
Severity : important
Type : security
References : 1184350 1193629 1204569 1204619 1204705 1205282 1206051 1206073
1206649 1206886 1206887 1208542 1209292 1209556 1209684 1210337
1210763 1210767 1211465 1213012 1213013 1213094 1213096 1213946
1214991 1218470 1232649 1234887 1235100 1237981 1238032 1240177
1240802 1241525 1241526 1241640 1241648 1242147 1242150 1242151
1242154 1242157 1242158 1242164 1242165 1242169 1242215 1242218
1242219 1242222 1242226 1242227 1242228 1242229 1242230 1242231
1242232 1242237 1242239 1242241 1242244 1242245 1242248 1242261
1242264 1242265 1242270 1242276 1242279 1242280 1242281 1242282
1242284 1242285 1242289 1242294 1242305 1242312 1242320 1242338
1242352 1242353 1242355 1242357 1242358 1242361 1242365 1242366
1242369 1242370 1242371 1242372 1242377 1242378 1242380 1242382
1242385 1242387 1242389 1242391 1242392 1242394 1242398 1242399
1242402 1242403 1242409 1242411 1242415 1242416 1242421 1242422
1242426 1242428 1242440 1242443 1242449 1242452 1242453 1242454
1242455 1242456 1242458 1242464 1242467 1242469 1242473 1242478
1242481 1242484 1242489 1242493 1242497 1242527 1242542 1242544
1242545 1242547 1242548 1242549 1242550 1242551 1242558 1242570
1242580 1242586 1242589 1242596 1242597 1242685 1242686 1242688
1242689 1242695 1242716 1242733 1242734 1242735 1242736 1242739
1242743 1242744 1242745 1242746 1242747 1242749 1242752 1242753
1242756 1242759 1242762 1242765 1242767 1242778 1242779 1242790
1242791 1243047 1243133 1243649 1243660 1243737 1243919 CVE-2022-3564
CVE-2022-3619 CVE-2022-3640 CVE-2022-49110 CVE-2022-49139 CVE-2022-49767
CVE-2022-49769 CVE-2022-49770 CVE-2022-49771 CVE-2022-49772 CVE-2022-49775
CVE-2022-49776 CVE-2022-49777 CVE-2022-49779 CVE-2022-49783 CVE-2022-49787
CVE-2022-49788 CVE-2022-49789 CVE-2022-49790 CVE-2022-49792 CVE-2022-49793
CVE-2022-49794 CVE-2022-49796 CVE-2022-49797 CVE-2022-49799 CVE-2022-49800
CVE-2022-49801 CVE-2022-49802 CVE-2022-49807 CVE-2022-49809 CVE-2022-49810
CVE-2022-49812 CVE-2022-49813 CVE-2022-49818 CVE-2022-49821 CVE-2022-49822
CVE-2022-49823 CVE-2022-49824 CVE-2022-49825 CVE-2022-49826 CVE-2022-49827
CVE-2022-49830 CVE-2022-49832 CVE-2022-49834 CVE-2022-49835 CVE-2022-49836
CVE-2022-49839 CVE-2022-49841 CVE-2022-49842 CVE-2022-49845 CVE-2022-49846
CVE-2022-49850 CVE-2022-49853 CVE-2022-49858 CVE-2022-49860 CVE-2022-49861
CVE-2022-49863 CVE-2022-49864 CVE-2022-49865 CVE-2022-49868 CVE-2022-49869
CVE-2022-49870 CVE-2022-49871 CVE-2022-49874 CVE-2022-49879 CVE-2022-49880
CVE-2022-49881 CVE-2022-49885 CVE-2022-49887 CVE-2022-49888 CVE-2022-49889
CVE-2022-49890 CVE-2022-49891 CVE-2022-49892 CVE-2022-49900 CVE-2022-49905
CVE-2022-49906 CVE-2022-49908 CVE-2022-49909 CVE-2022-49910 CVE-2022-49915
CVE-2022-49916 CVE-2022-49922 CVE-2022-49923 CVE-2022-49924 CVE-2022-49925
CVE-2022-49927 CVE-2022-49928 CVE-2022-49931 CVE-2023-1990 CVE-2023-53035
CVE-2023-53038 CVE-2023-53039 CVE-2023-53040 CVE-2023-53041 CVE-2023-53044
CVE-2023-53045 CVE-2023-53049 CVE-2023-53051 CVE-2023-53052 CVE-2023-53054
CVE-2023-53056 CVE-2023-53058 CVE-2023-53059 CVE-2023-53060 CVE-2023-53062
CVE-2023-53064 CVE-2023-53065 CVE-2023-53066 CVE-2023-53068 CVE-2023-53075
CVE-2023-53077 CVE-2023-53078 CVE-2023-53079 CVE-2023-53081 CVE-2023-53084
CVE-2023-53087 CVE-2023-53089 CVE-2023-53090 CVE-2023-53091 CVE-2023-53092
CVE-2023-53093 CVE-2023-53096 CVE-2023-53098 CVE-2023-53099 CVE-2023-53100
CVE-2023-53101 CVE-2023-53106 CVE-2023-53108 CVE-2023-53111 CVE-2023-53114
CVE-2023-53116 CVE-2023-53118 CVE-2023-53119 CVE-2023-53123 CVE-2023-53124
CVE-2023-53125 CVE-2023-53131 CVE-2023-53134 CVE-2023-53137 CVE-2023-53139
CVE-2023-53140 CVE-2023-53142 CVE-2023-53143 CVE-2023-53145 CVE-2024-53168
CVE-2024-56558 CVE-2025-21888 CVE-2025-21999 CVE-2025-22056 CVE-2025-22060
CVE-2025-23138 CVE-2025-23145 CVE-2025-37785 CVE-2025-37789 CVE-2025-37948
CVE-2025-37963
-----------------------------------------------------------------
The container suse/sle-micro-rancher/5.4 was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:2262-1
Released: Thu Jul 10 00:23:39 2025
Summary: Security update for the Linux Kernel
Type: security
Severity: important
References: 1184350,1193629,1204569,1204619,1204705,1205282,1206051,1206073,1206649,1206886,1206887,1208542,1209292,1209556,1209684,1210337,1210763,1210767,1211465,1213012,1213013,1213094,1213096,1213946,1214991,1218470,1232649,1234887,1235100,1237981,1238032,1240177,1240802,1241525,1241526,1241640,1241648,1242147,1242150,1242151,1242154,1242157,1242158,1242164,1242165,1242169,1242215,1242218,1242219,1242222,1242226,1242227,1242228,1242229,1242230,1242231,1242232,1242237,1242239,1242241,1242244,1242245,1242248,1242261,1242264,1242265,1242270,1242276,1242279,1242280,1242281,1242282,1242284,1242285,1242289,1242294,1242305,1242312,1242320,1242338,1242352,1242353,1242355,1242357,1242358,1242361,1242365,1242366,1242369,1242370,1242371,1242372,1242377,1242378,1242380,1242382,1242385,1242387,1242389,1242391,1242392,1242394,1242398,1242399,1242402,1242403,1242409,1242411,1242415,1242416,1242421,1242422,1242426,1242428,1242440,1242443,1242449,1242452,1242453,1242454,1242455,1242456,1242458,1
242464,1242467,1242469,1242473,1242478,1242481,1242484,1242489,1242493,1242497,1242527,1242542,1242544,1242545,1242547,1242548,1242549,1242550,1242551,1242558,1242570,1242580,1242586,1242589,1242596,1242597,1242685,1242686,1242688,1242689,1242695,1242716,1242733,1242734,1242735,1242736,1242739,1242743,1242744,1242745,1242746,1242747,1242749,1242752,1242753,1242756,1242759,1242762,1242765,1242767,1242778,1242779,1242790,1242791,1243047,1243133,1243649,1243660,1243737,1243919,CVE-2022-3564,CVE-2022-3619,CVE-2022-3640,CVE-2022-49110,CVE-2022-49139,CVE-2022-49767,CVE-2022-49769,CVE-2022-49770,CVE-2022-49771,CVE-2022-49772,CVE-2022-49775,CVE-2022-49776,CVE-2022-49777,CVE-2022-49779,CVE-2022-49783,CVE-2022-49787,CVE-2022-49788,CVE-2022-49789,CVE-2022-49790,CVE-2022-49792,CVE-2022-49793,CVE-2022-49794,CVE-2022-49796,CVE-2022-49797,CVE-2022-49799,CVE-2022-49800,CVE-2022-49801,CVE-2022-49802,CVE-2022-49807,CVE-2022-49809,CVE-2022-49810,CVE-2022-49812,CVE-2022-49813,CVE-2022-49818,CVE-2022-49
821,CVE-2022-49822,CVE-2022-49823,CVE-2022-49824,CVE-2022-49825,CVE-2022-49826,CVE-2022-49827,CVE-2022-49830,CVE-2022-49832,CVE-2022-49834,CVE-2022-49835,CVE-2022-49836,CVE-2022-49839,CVE-2022-49841,CVE-2022-49842,CVE-2022-49845,CVE-2022-49846,CVE-2022-49850,CVE-2022-49853,CVE-2022-49858,CVE-2022-49860,CVE-2022-49861,CVE-2022-49863,CVE-2022-49864,CVE-2022-49865,CVE-2022-49868,CVE-2022-49869,CVE-2022-49870,CVE-2022-49871,CVE-2022-49874,CVE-2022-49879,CVE-2022-49880,CVE-2022-49881,CVE-2022-49885,CVE-2022-49887,CVE-2022-49888,CVE-2022-49889,CVE-2022-49890,CVE-2022-49891,CVE-2022-49892,CVE-2022-49900,CVE-2022-49905,CVE-2022-49906,CVE-2022-49908,CVE-2022-49909,CVE-2022-49910,CVE-2022-49915,CVE-2022-49916,CVE-2022-49922,CVE-2022-49923,CVE-2022-49924,CVE-2022-49925,CVE-2022-49927,CVE-2022-49928,CVE-2022-49931,CVE-2023-1990,CVE-2023-53035,CVE-2023-53038,CVE-2023-53039,CVE-2023-53040,CVE-2023-53041,CVE-2023-53044,CVE-2023-53045,CVE-2023-53049,CVE-2023-53051,CVE-2023-53052,CVE-2023-53054,CVE-
2023-53056,CVE-2023-53058,CVE-2023-53059,CVE-2023-53060,CVE-2023-53062,CVE-2023-53064,CVE-2023-53065,CVE-2023-53066,CVE-2023-53068,CVE-2023-53075,CVE-2023-53077,CVE-2023-53078,CVE-2023-53079,CVE-2023-53081,CVE-2023-53084,CVE-2023-53087,CVE-2023-53089,CVE-2023-53090,CVE-2023-53091,CVE-2023-53092,CVE-2023-53093,CVE-2023-53096,CVE-2023-53098,CVE-2023-53099,CVE-2023-53100,CVE-2023-53101,CVE-2023-53106,CVE-2023-53108,CVE-2023-53111,CVE-2023-53114,CVE-2023-53116,CVE-2023-53118,CVE-2023-53119,CVE-2023-53123,CVE-2023-53124,CVE-2023-53125,CVE-2023-53131,CVE-2023-53134,CVE-2023-53137,CVE-2023-53139,CVE-2023-53140,CVE-2023-53142,CVE-2023-53143,CVE-2023-53145,CVE-2024-53168,CVE-2024-56558,CVE-2025-21888,CVE-2025-21999,CVE-2025-22056,CVE-2025-22060,CVE-2025-23138,CVE-2025-23145,CVE-2025-37785,CVE-2025-37789,CVE-2025-37948,CVE-2025-37963
The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2022-49110: netfilter: conntrack: revisit gc autotuning (bsc#1237981).
- CVE-2022-49139: Bluetooth: fix null ptr deref on hci_sync_conn_complete_evt (bsc#1238032).
- CVE-2022-49767: 9p/trans_fd: always use O_NONBLOCK read/write (bsc#1242493).
- CVE-2022-49775: tcp: cdg: allow tcp_cdg_release() to be called multiple times (bsc#1242245).
- CVE-2022-49858: octeontx2-pf: Fix SQE threshold checking (bsc#1242589).
- CVE-2023-53058: net/mlx5: E-Switch, Fix an Oops in error handling code (bsc#1242237).
- CVE-2023-53060: igb: revert rtnl_lock() that causes deadlock (bsc#1242241).
- CVE-2023-53064: iavf: Fix hang on reboot with ice (bsc#1242222).
- CVE-2023-53066: qed/qed_sriov: guard against NULL derefs from qed_iov_get_vf_info (bsc#1242227).
- CVE-2023-53079: net/mlx5: Fix steering rules cleanup (bsc#1242765).
- CVE-2023-53114: i40e: Fix kernel crash during reboot when adapter is in recovery mode (bsc#1242398).
- CVE-2023-53134: bnxt_en: Avoid order-5 memory allocation for TPA data (bsc#1242380)
- CVE-2024-53168: net: make sock_inuse_add() available (bsc#1234887).
- CVE-2024-56558: nfsd: make sure exp active before svc_export_show (bsc#1235100).
- CVE-2025-21888: RDMA/mlx5: Fix a WARN during dereg_mr for DM type (bsc#1240177).
- CVE-2025-21999: proc: fix UAF in proc_get_inode() (bsc#1240802).
- CVE-2025-22056: netfilter: nft_tunnel: fix geneve_opt type confusion addition (bsc#1241525).
- CVE-2025-22060: net: mvpp2: Prevent parser TCAM memory corruption (bsc#1241526).
- CVE-2025-23138: watch_queue: fix pipe accounting mismatch (bsc#1241648).
- CVE-2025-23145: mptcp: fix NULL pointer in can_accept_new_subflow (bsc#1242596).
- CVE-2025-37785: ext4: fix OOB read when checking dotdot dir (bsc#1241640).
- CVE-2025-37789: net: openvswitch: fix nested key length validation in the set() action (bsc#1242762).
The following non-security bugs were fixed:
- Refresh fixes for cBPF issue (bsc#1242778)
- Remove debug flavor (bsc#1243919).
- Update metadata and put them into the sorted part of the series
- arm64: bpf: Add BHB mitigation to the epilogue for cBPF programs (bsc#1242778).
- arm64: bpf: Only mitigate cBPF programs loaded by unprivileged users (bsc#1242778).
- arm64: insn: Add support for encoding DSB (bsc#1242778).
- arm64: proton-pack: Add new CPUs 'k' values for branch mitigation (bsc#1242778).
- arm64: proton-pack: Expose whether the branchy loop k value (bsc#1242778).
- arm64: proton-pack: Expose whether the platform is mitigated by firmware (bsc#1242778).
- hv: Allow vmbus_sendpacket_mpb_desc() to create multiple ranges (bsc#1243737).
- hv_netvsc: Preserve contiguous PFN grouping in the page buffer array (bsc#1243737).
- hv_netvsc: Remove rmsg_pgcnt (bsc#1243737).
- hv_netvsc: Use vmbus_sendpacket_mpb_desc() to send VMBus messages (bsc#1243737).
- mtd: phram: Add the kernel lock down check (bsc#1232649).
- ocfs2: fix the issue with discontiguous allocation in the global_bitmap (git-fixes).
- powerpc/pseries/iommu: IOMMU incorrectly marks MMIO range in DDW (bsc#1218470 ltc#204531).
- scsi: core: Fix unremoved procfs host directory regression (git-fixes).
- scsi: storvsc: Set correct data length for sending SCSI command without payload (git-fixes).
- x86/bhi: Do not set BHI_DIS_S in 32-bit mode (bsc#1242778).
- x86/bpf: Add IBHF call at end of classic BPF (bsc#1242778).
- x86/bpf: Call branch history clearing sequence on exit (bsc#1242778).
The following package changes have been done:
- kernel-default-5.14.21-150400.24.167.1 updated
More information about the sle-container-updates
mailing list